我正在关注Django 2.0中的Django REST Framework教程, http://www.django-rest-framework.org/tutorial/2-requests-and-responses/ 。 但是,当我添加@api_view装饰器时,我在视图上执行GET时会得到403。
GET /attendance/api/youths/ HTTP 403 Forbidden Allow: OPTIONS, GET Content-Type: application/json Vary: Accept { "detail": "Invalid username/password." }这是我的代码。
@api_view(['GET']) def youths_json(request, format=None): youths = Youth.objects.filter(attending=True) serializer = YouthSerializer(youths, many=True) return Response(serializer.data)当我添加AllowAny权限时,它仍然不起作用。
@permission_classes((AllowAny, ))有任何想法吗? 我想得到这个工作,我真的很想使用ListAPIView 。
I was following along with the Django REST Framework tutorial on Django 2.0, http://www.django-rest-framework.org/tutorial/2-requests-and-responses/. However when I add the @api_view decorator I get a 403 when I do a GET on the view.
GET /attendance/api/youths/ HTTP 403 Forbidden Allow: OPTIONS, GET Content-Type: application/json Vary: Accept { "detail": "Invalid username/password." }This is my code.
@api_view(['GET']) def youths_json(request, format=None): youths = Youth.objects.filter(attending=True) serializer = YouthSerializer(youths, many=True) return Response(serializer.data)When I add the AllowAny permission it still doesn't work.
@permission_classes((AllowAny, ))Any ideas? I would like to get this to work and I would really like to use the ListAPIView.
最满意答案
你忘了添加authentication_classes。 用必要的类添加@authentication_classes()。 要允许用户无需身份验证,请使用空元组。
You forgot to add authentication_classes. Add @authentication_classes() with necessary class. To allow user without authentication use empty tuple.
更多推荐
发布评论